Setting password for Samsung evo 840 in BIOS

Toggle sidebar Toggle sidebar
T

Telec

Honorable
Nov 10, 2013
3
0
10,510
Hello!


There is, after hours of searching, literally no information about this topic from Samsung themselves which I find kind of strange. you'd think they would want to promote a feature like this?


So I have a few questions about setting up the password.

In my BIOS in the security tab I have options like "Hard Disk1 Password" which i gather is the password which is connected to the SSD. Now in typing the password I have noticed that there are very limited options. First of all it seems that I am not to able to use special characters like ! or ". This does not make sense to me as using special characters makes the password much stronger. I am able to use big and small letters or so I think! this leads to my next question:

I'm not able to actually see the password I typed. This might not be a big problem, but when combined with the latter problem I don't really have any way of knowing what my password actually is.

Is it maybe possible to set the password in another way without using the BIOS? it seems to have very limited options in this regard.

I have the UEFI BIOS version 1.7 running on an AMD machine



Thanks in advance, answers are greatly appreciated!
 
Sort by date Sort by votes
Szyrs

Szyrs

Distinguished
Aug 28, 2013
218
0
18,810
BIOS is on your motherboard, hence so is the password. Your SSD has firmware but even an OCZ Revodrive doesn't have an accessible BIOS.

The character set is limited to "old school" standards because the BIOS is not a feature rich operating environment, it's simply there to control the motherboard. If you are concerned about people getting into your SSD, you should probably look into a software option, such as a password in OS, or data encryption. Unless you are concerned that someone may have access to your BIOS, it's unlikely that anybody will be trying to crack it. As you have probably noticed already, you can't actually access any of your SSD's files in BIOS anyway...
 
Upvote 0 Downvote
lonewolf7

lonewolf7

Splendid
May 6, 2013
5,113
2
24,965
Yes its true you cannot use these special character's ( /\ : * ? " < >| ) not only in BIOS but also in Windows too, and also you cannot see your password when typing.

And yes it is possible to set password in Windows under User Accounts. You have to type the password every time on boot.

If you own a Lappy then contact the vendor on how to setup password for SSD in BIOS, they will help you.

 
Upvote 0 Downvote
Szyrs

Szyrs

Distinguished
Aug 28, 2013
218
0
18,810
Just to clarify what I meant, there is 3rd party software available that is designed to protect data/drives from unwanted intrusion. I would not recommend using windows passwords to protect anything, they are notoriously simply to get around.
 
Upvote 0 Downvote
T

Telec

Honorable
Nov 10, 2013
3
0
10,510
Thank you for the replies!
Maybe I should specify what i'm trying to do. I want to activate the hardware-based build-in full disk AES encryption that the Samsung 840 Evo provides. The following is provided by Samsung themselves:

http://www.samsung.com/global/business/semiconductor/minisite/SSD/us/html/about/whitepaper06.html

From the last paragraph
"AES encryption is always active on an 840 or 840 Pro Series SSD. In order to benefit from the encryption feature, however, the user must enable an ATA password to limit access to the data."

I do understand that the bios is a very basic and fundamental software and thats why it doesnt have more options. I just don't get why it is the only way you can activate the encryption on the SSD.

Btw. I would never rely on a OS password alone as it would be like hanging a towel instead of your door and hope that no one moves it to the side and steals everything you owe...

I am interested in the hardware encryption instead of software based as this slows down the performance.
 
Upvote 0 Downvote
Szyrs

Szyrs

Distinguished
Aug 28, 2013
218
0
18,810
Because you are using hardware based encryption, the only way to enable it is via hardware BIOS. You'll notice that Samsung say "...limit access to the data." as opposed to something more absolute...

From what I can gather by searching, the answer to your question is no, there is no other way of enabling the function that you desire to use.
 
Upvote 0 Downvote
lonewolf7

lonewolf7

Splendid
May 6, 2013
5,113
2
24,965
On the 840 Evo all data is encrypted. The block cipher key is stored on flash. When the ATA password gets enabled the SSD erases that key and stores an encrypted key that can only be decrypted with the ATA password. That is how it is supposed to work, at least.

And you can easily setup a password for SSD (Hard Disk1 Password), the only draw back that you cant use special character.

It also depends on MB, some MB supports the password some not.
 
Upvote 0 Downvote
Szyrs

Szyrs

Distinguished
Aug 28, 2013
218
0
18,810
Just out of curiosity, isn't an SSD comprised of flash? So this is essentially like buying a lock with a built in key? It almost seems pointless, but that you can snap the key...
 
Upvote 0 Downvote
T

Telec

Honorable
Nov 10, 2013
3
0
10,510
thanks for the replies!

It seems I have to adapt to lack of character choice.

Szyrs:
If you mean that it would be possible to retrieve the key from the SSD, try taking a look at the wiki on hardware-based FDE. It explains a few methods of retrieving the key while the computer is still running. It doesn't sound too easy to me.
 
Upvote 0 Downvote
Szyrs

Szyrs

Distinguished
Aug 28, 2013
218
0
18,810
No, it says that if you maintain power to the drive, the data remains accessible. That could be achieved in a PC with some pliers and a power ribbon, or in a laptop by simply stealing the whole thing ( even if closed and asleep, provided there was some battery).

"Vulnerabilities

Typical self-encrypting drives, once unlocked, will remain unlocked as long as power is provided. Researchers at the Universität Erlangen-Nürnberg have demonstrated a number of attacks based on moving the drive to another computer without cutting power.[7] Additionally, it may be possible to reboot the computer into an attacker-controlled operating system without cutting power to the drive.

When a computer with a self-encrypting drive is put into sleep mode, the drive is powered down, but the encryption password is retained in memory so that the drive can be quickly resumed without requesting the password. An attacker can take advantage of this to gain easier physical access to the drive, for instance, by inserting extension cables."

That's not what I meant though, I'd misunderstood a few things earlier on in the process. Cheers for the link, very interesting!

Edit: in that article it says that it's not possible to gain the key from a memory based attack but it goes on to say that when the computer is put to sleep, the key is stored in the memory. I'm not capable of carrying out any such activity, but wouldn't there be a window there to recall or intercept the key? So that a properly equipped thief could possibly attain the key (in say a laptop) by purposefully putting the computer to sleep, in order to perform a memory based attack?
 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom